As we head towards the infamous Black Friday and Cyber Monday, scammers will be looking to take full advantage of unsuspecting online shoppers. This means that organisations and their employees need to be aware, alert and on the lookout for potential scams.
But what are the security threats and how can both organisations and consumers avoid them?
Black Friday, and Cyber Monday that follows, represent that time of year when the best deals and prices are on offer at retailers and online shopping platforms. Usually there is only limited stock on the latest and greatest deals and people are often in a frenzy to grab what they can. Unfortunately this means that security and personal information is often treated as an after-thought and not as a high priority.
In today’s cyber world, no one is immune from data theft. New exploits or vulnerabilities are released daily and are constantly evolving. Cyber security is everyone’s responsibility, not just that of your IT department. Thus ensuring that everyone has the same level of understanding on basic cyber security is essential.
Falling for a scam can be as simple as clicking on an email link or visiting an unsecure website where attacks take place in the background. Below we cover some common attacks and provide some practical advice to identify phishing and other attacks and thereby reduce your chances of falling victim to online scams and fraud.
Here are 8 cybersecurity tips for Black Friday and Cyber Monday to keep you safe:
1. Be alert and aware when using public Wi-Fi
Do not conduct sensitive activities or provide personal information such as online shopping and credit card details using a public wireless network. Free Wi-Fi networks are often not proactively monitored and updated and are therefore hacker's paradise owing to lack of security.
2. Ensure that the online shopping website has an HTTPS connection with a valid security certificate
Data that is sent over a regular HTTP connection, between your browser and the online shopping site, is sent in plain text and therefore can be read by any hacker looking to exploit you. (HTTPS) is the secure version of HTTP. This uses a certificate and secure communication between your browser and the site is thus encrypted. An HTTPS certificate is a public “security certificate” that is issued by a “certificate authority” after several verification steps have been done to confirm the legitimacy of the organisation that is requesting the certificate.
3. Password Security
Ensure that you use different passwords for different E-commerce websites and mobile apps. Make use of passwords that are complex and unique, containing a mixture of numbers, lowercase & uppercase letters and symbols.
When using your social accounts (Google, Facebook etc.) to login into e-commerce sites, remember to first enable multi-factor or two-phase security authentication on your social accounts so that you are alerted when there is a login attempt to your account.
4. Be cautious about online offers
Deals that look too good to be true, probably are. Scammers will often post up an offer that is too good to pass up in the hope that it will lure victims into handing over their credit card details or personal information. If an item usually sells for R10 000 but is on special for R1000, it’s more than likely a scam.
5. Think before you click
Use caution when clicking on any unknown links. Delete emails that seem suspicious or are from unknown sources. Links will sometimes lure you onto a website that looks exactly like the original but is hosted at a different URL. Check the domain names and URL’s when performing online shopping and avoid following links from an email. Rather open your browser and navigate to the online shopping site yourself to see if the item is available.
6. Limit the amount of information you post online
When you create a new account on any online shopping website or app, ensure that you only provide the basic information required to create your account. There is no need for you to answer security or privacy questions while making a purchase or checking out on the E-commerce app or website. Hackers often use this information in order to learn more about you in order to hack you more effectively.
7. Grammar check
As many cyber thieves are located in developing countries they often fall under the language barrier. They often make use of translation software which is regularly found to misinterpret words. Therefore, if you want to protect yourself from scams, stay away from discount-driven emails filled with spelling errors as they are sure signs of fraud.
8. Online banking transactions
Be cautious when paying for something online. Online shopping sites SHOULD make use of secure payment gateways and usually redirect any payment to a secure site or portal hosted by a bank or payment gateway. Verify that this is secure and legitimate before providing your credit card details and OTP. Online retailers have NO reason to store your banking details and should not do so. The payment information should only be exchanged with a secure banking portal.
Where possible, use a virtual credit/debit card as this is more secure due to the temporary nature of the card’s CVV number.